Re: [IPsec] IKE fragmentation
Yoav Nir <ynir@checkpoint.com> Wed, 13 March 2013 23:43 UTC
Return-Path: <ynir@checkpoint.com>
X-Original-To: ipsec@ietfa.amsl.com
Delivered-To: ipsec@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8A5CD11E8109 for <ipsec@ietfa.amsl.com>; Wed, 13 Mar 2013 16:43:15 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -10.583
X-Spam-Level:
X-Spam-Status: No, score=-10.583 tagged_above=-999 required=5 tests=[AWL=0.016, BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id CV0V-An6KcAm for <ipsec@ietfa.amsl.com>; Wed, 13 Mar 2013 16:43:15 -0700 (PDT)
Received: from smtp.checkpoint.com (smtp.checkpoint.com [194.29.34.68]) by ietfa.amsl.com (Postfix) with ESMTP id 9950F11E80E8 for <ipsec@ietf.org>; Wed, 13 Mar 2013 16:43:14 -0700 (PDT)
Received: from DAG-EX10.ad.checkpoint.com ([194.29.34.150]) by smtp.checkpoint.com (8.13.8/8.13.8) with ESMTP id r2DNhC3a004696; Thu, 14 Mar 2013 01:43:12 +0200
X-CheckPoint: {51410E3C-2-1B221DC2-2FFFF}
Received: from IL-EX10.ad.checkpoint.com ([169.254.2.54]) by DAG-EX10.ad.checkpoint.com ([169.254.3.95]) with mapi id 14.02.0342.003; Thu, 14 Mar 2013 01:43:12 +0200
From: Yoav Nir <ynir@checkpoint.com>
To: Valery Smyslov <svanru@gmail.com>
Thread-Topic: [IPsec] IKE fragmentation
Thread-Index: AQHOH/P+dHmEPMd7P0SMbddmnpEj3pikJ5oA
Date: Wed, 13 Mar 2013 23:43:11 +0000
Message-ID: <A5B456F7-DE58-4755-95B0-97D5D15D066C@checkpoint.com>
References: <20799.34490.611737.922474@fireball.kivinen.iki.fi> <294A12724CB849D2A33F7F80CC82426A@buildpc> <51408287.7080207@gmail.com> <3028CF35E60A40068CE70EB7BB0BDEF1@buildpc>
In-Reply-To: <3028CF35E60A40068CE70EB7BB0BDEF1@buildpc>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [172.31.20.156]
x-kse-antivirus-interceptor-info: scan successful
x-kse-antivirus-info: Clean
Content-Type: text/plain; charset="us-ascii"
Content-ID: <99C4B59579F53648897873573F839A70@ad.checkpoint.com>
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Cc: "<ipsec@ietf.org>" <ipsec@ietf.org>, Tero Kivinen <kivinen@iki.fi>
Subject: Re: [IPsec] IKE fragmentation
X-BeenThere: ipsec@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Discussion of IPsec protocols <ipsec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipsec>, <mailto:ipsec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ipsec>
List-Post: <mailto:ipsec@ietf.org>
List-Help: <mailto:ipsec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipsec>, <mailto:ipsec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 13 Mar 2013 23:43:15 -0000
On Mar 13, 2013, at 10:06 AM, Valery Smyslov <svanru@gmail.com> wrote: > Hi Yaron, > >> I believe the DoS argument is incorrect, because the message we are most worried about (most likely to get fragmented) is IKE_AUTH, and at this point both peers are not yet authenticated, of course. So fragments and messages can be encrypted but cannot be authenticated. Thus, an attacker can send any number of seemingly valid fragments. >> >> Let me know if I'm missing anything. > > I agree that term "authenticated" is a bit misleading here. > The better term would be "integrity protected". > In our proposal receiver can be absolutely sure that > each fragment comes from the very peer he/she exchanged > DH exponents and calculated shared secret with. > > All fragments which ICV cannot be verified are discarded > and don't prevent communication with real peer in any way. So in order to get the responder to spend memory resources on storing the fragment, the initiator needs to expand CPU resources on completing the D-H calculation, and calculating integrity protection on the fragment. Makes sense. What do you get when you put together the fragments? a decrypted IKE message? Just the list of payloads? Yoav
- [IPsec] IKE fragmentation Tero Kivinen
- Re: [IPsec] IKE fragmentation Valery Smyslov
- Re: [IPsec] IKE fragmentation Yaron Sheffer
- Re: [IPsec] IKE fragmentation Paul Wouters
- Re: [IPsec] IKE fragmentation Valery Smyslov
- Re: [IPsec] IKE fragmentation Valery Smyslov
- Re: [IPsec] IKE fragmentation Paul Wouters
- Re: [IPsec] IKE fragmentation Valery Smyslov
- Re: [IPsec] IKE fragmentation Paul Wouters
- Re: [IPsec] IKE fragmentation Derek Atkins
- Re: [IPsec] IKE fragmentation Yoav Nir
- Re: [IPsec] IKE fragmentation Yoav Nir
- [IPsec] Informal poll on IKEv2 { over TCP | fragm… Paul Hoffman
- Re: [IPsec] Informal poll on IKEv2 { over TCP | f… Yoav Nir
- Re: [IPsec] Informal poll on IKEv2 { over TCP | f… Paul Wouters
- Re: [IPsec] IKE fragmentation Valery Smyslov
- Re: [IPsec] Informal poll on IKEv2 { over TCP | f… Valery Smyslov
- Re: [IPsec] IKE fragmentation Yoav Nir
- Re: [IPsec] IKE fragmentation Paul Wouters
- Re: [IPsec] IKE fragmentation Tero Kivinen
- Re: [IPsec] IKE fragmentation Yoav Nir
- Re: [IPsec] IKE fragmentation Yoav Nir
- Re: [IPsec] IKE fragmentation Valery Smyslov
- Re: [IPsec] IKE fragmentation Paul Wouters
- Re: [IPsec] IKE fragmentation Valery Smyslov
- Re: [IPsec] IKE fragmentation Tero Kivinen
- Re: [IPsec] Informal poll on IKEv2 { over TCP | f… Paul_Koning
- Re: [IPsec] IKE fragmentation Yaron Sheffer
- [IPsec] Informal poll on IKEv2 { over TCP | fragm… Tero Kivinen
- Re: [IPsec] Informal poll on IKEv2 { over TCP | f… Brian Weis